/**
 * Collaborative Story Development Web Application (CSDApp) 
 * Copyright Anton Strack 2014
 *
 * This file is part of Collaborative Story Development Application (CSDApp).
 *
 * CSDApp is free software: you can redistribute it and/or modify it under the
 * terms of the GNU General Public License as published by the Free Software
 * Foundation, either version 3 of the License, or any later version.
 *
 * CSDApp is distributed in the hope that it will be useful, but WITHOUT ANY
 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
 * A PARTICULAR PURPOSE. See the GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along with
 * CSDApp. If not, see <http://www.gnu.org/licenses/>.
 *
 */
package csdwa;

/**
 * This interface defines how the access control lists will work. Each access
 * control list is defined by a primary resource type id and a user role id.
 * Classes that implement this interface are intended to select the access
 * control list rows in bulk to reduce the calls to the database to just a few
 * per request.
 *
 * @author Anton Strack
 */
public interface AclDaoPattern {

    

    /**
     * Populates the AclDaoPattern object with the access control list according
     * to the     * primary resource type id and the user role id. This method must be called
     * to populate access control list, otherwise all calls to isAllowed() will
     * return false.
     */
    public void populateACL();

    /**
     * This method performs the actual acl authorization according to the
     * object's acl list and the values passed in to it.
     *
     * @param ActionId the action id representing the action to be preformed by
     * the role on the resource
     * @param isOwned a 1 or 0 integer indicating if the resource is owned by
     * the user with the current role. Ownership must be determined beforehand.
     * @return 1 if the user is authorized to preform the action on the
     * resource. Returns 0 if the access is denied, there is no matching access
     * control, or the access control list wasn't populated with values.
     */
    public boolean isAllowed(int ActionId, int isOwned);

    /**
     * This method performs the actual acl authorization according to the
     * object's acl list and the values passed in to it.
     *
     * @param ActionId the action id representing the action to be preformed by
     * the role on the resource
     * @param isOwned a 1 or 0 integer indicating if the resource is owned by
     * the user with the current role. Ownership must be determined beforehand.
     * @param resourceId the direct resource type id that the action is to be
     * executed on. This is for instances where the primary resource id is set
     * as a parent resource type for a group of related resources.
     * @return
     */
    public boolean isAllowed(int ActionId, int isOwned, int resourceId);
}
